An Experimental Approach for Estimating Cyber Risk: A Proposal Building upon Cyber Ranges and Capture the Flags

G. Di Tizio, F. Massacci, L. Allodi, S. Dashevskyi, J. Mirkovic

Research output: Chapter in Book / Report / Conference proceedingConference contributionAcademicpeer-review

Abstract

© 2020 IEEE.Current approaches to estimate the risk of compromise are based on either historical data or pure technical assessments, such as the number and severity of vulnerabilities in the target network. We propose a novel experimental approach for estimating the risk of compromise based on experimental data, as opposed to observational data, by leveraging on cyber ranges and capture the flag exercises. We identify the key design principles in terms of response and explanatory variables, specification of how they can be measured, and the overall block design from related experiments and approaches as well as assess their suitability and limitations.
Original languageEnglish
Title of host publicationProceedings - 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages56-65
ISBN (Electronic)9781728185972
ISBN (Print)9781728185972
DOIs
Publication statusPublished - 1 Sep 2020
Externally publishedYes
Event5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020 - Virtual, Genoa, Italy
Duration: 7 Sep 202011 Sep 2020

Publication series

NameProceedings - 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020

Conference

Conference5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
CountryItaly
CityVirtual, Genoa
Period7/09/2011/09/20

Fingerprint Dive into the research topics of 'An Experimental Approach for Estimating Cyber Risk: A Proposal Building upon Cyber Ranges and Capture the Flags'. Together they form a unique fingerprint.

Cite this